Pharming refers to redirecting website traffic through hacking, whereby the hacker implements tools that redirect a search to a fake website. Pharming may cause users to find themselves on an illegitimate website without realizing they have been redirected to an impostor site, which may look exactly like the real site. Pharming occurs when hackers locate vulnerabilities in domain name server (DNS) software. Pharming can also occur by rearranging the host’s file on the targeted computer. Online banking websites as well as e-commerce organizations have become popular pharming targets. Desktops are also vulnerable to pharming threats due to their lack of security administration. Pharming and phishing threats have been used simultaneously and these can cause the most potential for online identity theft. Unfortunately, anti virus and anti-spyware software are often incapable of protecting against this type of cybercrime.
Routers have been surfacing as being just as vulnerable to pharming as hosts files. Unfortunately, router pharming is much more difficult to detect. Harmful DNS information can land on routers in two ways:
Routers give administrators the option to choose a trusted DNS as opposed to a suggested one. If the administrator isn't well-versed in computers, he or she should avoid a custom DNS, because hackers are more able to choose a DNS under the administrator's control compared to a legitimate one. Pharming is certainly nothing new, but it is being used more often and is causing increasing harm in the computing world. Computer experts point the finger of blame at domain registrars for security loopholes and a general lack of standards for keeping domains exclusive. Suggestions for mitigating these problems include asking registrars for their written policies as well as insisting on immediate notification should a registrar receive a domain move request. Other suggestions include keeping domains locked and keeping authoritative contact information current, as well as using registrars with round-the-clock availability. If none of these suggestions works in preventing pharming, contacting VeriSign, which is the domain registry for .com and .net, may be useful.
Read More »